﻿<!--#include file="../lib/base.asp"-->
<!--#include file="../theme.asp"-->
<%
sdcms.checkuserlogin
dim act:act=lcase(sdcms.fget("act",0))
select case act
	case "checkdb":checkdb()
	case else
		sdcms.show theme_userpassword,""
end select

sub checkdb()
	dim t0,t1,t2
	t0=sdcms.enhtml(sdcms.fpost("oldpass",0))
	t1=sdcms.enhtml(sdcms.fpost("password",0))
	t2=sdcms.enhtml(sdcms.fpost("repass",0))
	dim userdata:userdata=sdcms.userinfo
	if not(sdcms.checkpost) then
		sdcms.ajaxjson "禁止外部提交数据",0
		exit sub
	end if
	if sdcms.strlen(t0)=0 then
		sdcms.ajaxjson "原密码不能为空",0
		exit sub
	end if
	if md5(t0)<>userdata(2) then
		sdcms.ajaxjson "原密码错误",0
		exit sub
	end if
	if sdcms.strlen(t1)=0 then
		sdcms.ajaxjson "新密码不能为空",0
		exit sub
	end if
	if md5(t1)=userdata(2) then
		sdcms.ajaxjson "新密码不能和原密码一致",0
		exit sub
	end if
	if not(sdcms.checkstr(t1,"password")) then
		sdcms.ajaxjson "新密码由6-16位数字、字母组成",0
		exit sub
	end if
	if sdcms.strlen(t2)=0 then
		sdcms.ajaxjson "确认密码不能为空",0
		exit sub
	end if
	if t1<>t2 then
		sdcms.ajaxjson "两次密码不一致",0
		exit sub
	end if
	sdcms.db.dbupdate "sd_user","id="&userdata(0)&"",array(array("password",md5(t1),0,1))
	sdcms.resetuserinfo "u.id="&userdata(0)&""
	sdcms.ajaxjson "&#23494;&#30721;&#20462;&#25913;&#25104;&#21151;",1
end sub
sdcms.db.dbclose
%>